The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: NTLM password overflow via integer overflow For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * baseurl with file:// hangs and then timeout in yum repo * curl crashes on http links with rate-limit